The OS of an SE of a wireless device may be updated. An SE may also be referred to as a removable universal integrated circuit card (UICC) or an embedded UICC (eUICC).
An eUICC is an SE for hosting one or more profiles, which may also be referred to as subscriber identity modules (SIMs), when installed on a UICC, or as electronic SIMs (eSIMs), when installed on an eUICC. A profile includes a combination of operator data and applications provisioned on a UICC/eUICC of a device for the purposes of providing access to services of a cellular wireless network service provider or mobile network operator (MNO). A profile can contain secure data used to prove identity and thus verify contract rights for access to one or more services provided by the MNO.
A profile can be identified by a unique number called an ICCID (Integrated Circuit Card Identifier). Profile management can include a combination of local and remote management operations such as enabling, disabling profile, adding, deleting, and querying profiles present on a UICC/eUICC. In some cases, a wireless device is user equipment used in conjunction with a UICC/eUICC to connect to a mobile network. In a machine-to-machine (M2M) environment, a wireless device may not be associated with a user and may have no user interface. An end user is a person using a (consumer or enterprise) device. An enabled profile can include files and/or applications that are selectable over an interface between a UICC/eUICC and processing circuitry external to the UICC/eUICC and included in the wireless device.
A functional entity that provides profile packages can be referred to as a subscription manager data preparation (SM-DP, or SM-DP+) server, also known as an eSIM server. An SM-DP server may also be referred to as a profile provider or an eSIM vendor. An eSIM is an example of a profile. A profile package can be a personalized profile using an interoperable description format that is transmitted to an eUICC as the basis for loading and installing a profile. Profile data which is unique to a subscriber, e.g., a phone number or an International Mobile Subscriber Identity (IMSI), are examples of personalization data. The SM-DP server communicates over an interface with an eUICC. Certificates used for authentication and confidentiality purposes can be generated by a trusted certificate issuer.
An eUICC includes an operating system, and the operating system can include an ability to provide authentication algorithms to network access applications associated with a given operator. The operating system can also include an ability to translate profile package data into an installed profile using a specific internal format of the eUICC. An ISD-P (issuer security domain—profile) can host a unique profile within an eUICC. An ECASD (embedded UICC controlling authority security domain) provides secure storage of credentials required to support the security domains on an eUICC. A controlling authority security domain (CASD) may also be referred to as a “key store” herein. A security domain within the eUICC contains the operator's over the air (OTA) keys and provides a secure OTA channel for communication of profiles and/or updates thereto. OTA keys are credentials used by an operator for remote management of operator profiles on an eUICC.
Network, device, SE and profile interactions are described in Global System for Mobile Communications (GSM) Association document (GSMA) SGP.22: “RSP Technical Specification,” Version 2.0 Oct. 14, 2016 (hereinafter “SGP.22”), where RSP stands for Remote SIM Provisioning. Some topics related to firmware updates are covered in the Global Platform® document, “Open Firmware Loader for Tamper Resistant Element,” version 1.0.1, February 2017 (hereinafter “GP Loader”). Some SE procedures for sending information are given in “Smart Cards: Card Application Toolkit (CAT),” European Telecommunications Standards Institute (ETSI) Technical Specification (TS) 102.223 v14.0.0, May, 2017 (hereinafter “ETSI 102.223”).